When IT security takes a backseat

We can hear all the reports we want about breached databases and servers at colleges - tens of thousands of student, faculty and staff identities compromised, yada yada yada - but, let's face it, nothing can affect somebody's emotions quite like a physical incident.

Kinda puts Patch Tuesday in perspective, doesn't it?

So as I grapple with trying to make sense of what occurred today at Virginia Tech down in Blacksburg, where at least 31 people are dead following some gun-toting sicko's rampage, it occurs to me that physical security will always trump IT security in terms of signficance.

And that's not necessarily a bad thing.

But that's not to say the logical security guys down at V Tech won't be involved in this investigation. If that university is like a majority of organizations across the country, both sides have, at least, begun working together. I'm sure there will be emails to go through, and things like that, as the investigation continues.

This incident sounds like an inside job. It's too early to speculate, but it appears this was the horrifying work of a student, who probably knew the campus well, who may have had physical access to certain buildings, etc.

If that's the case, no guns, gates or guards could have stopped him, until it was too late. Which is exactly the same thing many IT security pros deal with when a privileged insider robs them right before their eyes.

Logical and physical security are deeply related. Except a cybercrime won't make headlines for weeks to come, like this tragedy will. It won't be responsible for a mother having to trek to campus to identify her deceased child.

In that way, they will never be the same.
prestitial ad